Vulnerability

Researchers Warn of NTLMv1 Bypass in Active Directory Policy

2 minute read

Security

Researchers Warn of NTLMv1 Bypass in Active Directory Policy

Silverfort has discovered that a misconfiguration can bypass an Active Directory Group Policy designed to disable NTLMv1, allowing…

byDeeba Ahmed

January 17, 2025

Hackers Use CVE-2024-50603 to Deploy Backdoor on Aviatrix Controllers

2 minute read

Security

Hackers Use CVE-2024-50603 to Deploy Backdoor on Aviatrix Controllers

A critical vulnerability (CVE-2024-50603) in the Aviatrix Controller allows unauthenticated RCE. Active exploitation observed by Wiz Research in…

byDeeba Ahmed

January 15, 2025

3 minute read

Fake PoC Exploit Targets Cybersecurity Researchers with Malware

A fake proof-of-concept (PoC) exploit designed to lure cybersecurity researchers into downloading malicious software. This deceptive tactic leverages a recently patched critical vulnerability in Microsoft's Windows LDAP service (CVE-2024-49113), which can cause denial-of-service attacks.

byDeeba Ahmed

January 11, 2025

Ivanti Urges Patch for Flaws in Connect Secure, Policy Secure and ZTA Gateways

3 minute read

Security

Ivanti Urges Patch for Flaws in Connect Secure, Policy Secure and ZTA Gateways

Ivanti has issued a critical security advisory addressing two vulnerabilities in its Connect Secure, Policy Secure, and ZTA Gateway products.

byDeeba Ahmed

January 10, 2025

5 minute read

Harnessing AI for Proactive Threat Intelligence and Advanced Cyber Defense

Discover how AI revolutionizes cybersecurity with real-time threat detection, adaptive protection, and advanced data protection to combat evolving…

byOwais Sultan

January 9, 2025

Millions of Email Servers Exposed Due to Missing TLS Encryption

3 minute read

Security

Millions of Email Servers Exposed Due to Missing TLS Encryption

Millions of email servers worldwide remain alarmingly vulnerable to cyberattacks due to a critical security oversight: the absence of Transport Layer Security (TLS) encryption.

byDeeba Ahmed

January 8, 2025

Critical Vulnerabilities in Moxa Routers Allow Root Privilege Escalation

3 minute read

Security

Critical Vulnerabilities in Moxa Routers Allow Root Privilege Escalation

Critical security vulnerabilities have been found in Moxa cellular routers and network security appliances. Learn about CVE-2024-9138 &…

byDeeba Ahmed

January 8, 2025

Fake 7-Zip Exploit Code Traced to AI-Generated Misinterpretation

2 minute read

Security

Fake 7-Zip Exploit Code Traced to AI-Generated Misinterpretation

A recent claim that a critical zero-day vulnerability existed in the popular open-source file archiver 7-Zip has been met with skepticism from the software's creator and other security researchers.

byDeeba Ahmed

January 2, 2025

FortiGuard Labs Links EC2 Grouper Hackers to AWS Credential Exploits

3 minute read

FortiGuard Labs Links New EC2 Grouper Hackers to AWS Credential Exploits

Researchers at FortiGuard Labs have identified a prolific attacker group known as "EC2 Grouper" who frequently exploits compromised credentials using AWS tools.

byDeeba Ahmed

January 1, 2025

3 minute read

Exposed Cloud Server Tracks 800,000 Volkswagen, Audi, and Skoda EVs

SUMMARY A recent report from the German news outlet Spiegel has revealed a significant security breach impacting hundreds…

byDeeba Ahmed

December 30, 2024

The Latest

Fintech Bill Pay Platform “Willow Pays” Exposes Over 240,000 Records

Telegram-Based “Sneaky 2FA” Phishing Kit Targets Microsoft 365 Accounts

Hackers Claim Breach of Hewlett Packard Enterprise, Lists Data for Sale

Bitcoin’s Prospects in 2025: Exploring Opportunities and Mitigate Risks

Vulnerability

Researchers Warn of NTLMv1 Bypass in Active Directory Policy

Hackers Use CVE-2024-50603 to Deploy Backdoor on Aviatrix Controllers

Fake PoC Exploit Targets Cybersecurity Researchers with Malware

Ivanti Urges Patch for Flaws in Connect Secure, Policy Secure and ZTA Gateways

Harnessing AI for Proactive Threat Intelligence and Advanced Cyber Defense

Millions of Email Servers Exposed Due to Missing TLS Encryption

Critical Vulnerabilities in Moxa Routers Allow Root Privilege Escalation

Fake 7-Zip Exploit Code Traced to AI-Generated Misinterpretation

FortiGuard Labs Links New EC2 Grouper Hackers to AWS Credential Exploits

Aembit Announces Speaker Lineup for the Inaugural NHIcon

Sweet Security Introduces Patent-Pending LLM-Powered Detection Engine, Reducing Cloud Detection Noise to 0.04%

Wultra Secures €3M to Protect Financial Institutions from Quantum Threats

Criminal IP Launches Real-Time Phishing Detection Tool on Microsoft Marketplace

Security Risk Advisors joins the Microsoft Intelligent Security Association